Top Document: comp.security.unix and comp.security.misc frequently asked questions Previous Document: Table of contents Next Document: Can anyone here tell me how to exploit the [whatever] bug? or Can anyone here tell me how to break in to my ISP? See reader questions & answers on this topic! - Help others by sharing your knowledge This is not supposed to be a statement of group consensus. This is simply supposed to be a few VERY frequently asked questions and their answers, so that we can snidely say "see the faq" when people ask them. The answers supplied are supposed to be completely uncontroversial amongst people who know what they're talking about. (My first answer might be a bit borderline in this respect but I don't recall ever having seen a contrary opinion here.) Except for the portscan question, in which I've attempted to present ALL of the major views. Contributions of questions are welcome (with or without answers); however, the idea is that they are supposed to be things which have straightforward answers and which we see very frequently (at least prior to their inclusion in this document). If your answer is long, it might not belong in this document, at least as I see the purpose of this document. For example, it is intentional that this document doesn't contain firewall recommendations, even though that's a frequently-asked question here. (But see the firewall faq at http://www.interhack.net/pubs/fwfaq/) Thanks to Juan Gallego, Lamont Granquist, and Martin Ouwehand for additional suggestions re finding setuid files on different versions of unix. Thanks to Dan Farmer for making me aware of cops 1.04+ (cf 1.04). Thanks to Dan Niles and Jyrki Havia for tripwire bug details as posted to the newsgroup. Thanks to Scott Barman for a Windows NT security book reference. Thanks to Robert Graham for suggesting I cite his good firewall-seen.html file. Thanks to Denis McKeon and Olaf Schreck for improvements to my bit about editing the SATAN perl file (to avoid newbie errors). Disclaimer: The posting of this file is not to be construed as a commitment to provide free consulting to people I don't know. Post your questions to the newsgroup and I might answer them there, or someone else might do it better. (Although if you say "please send e-mail copies", I'm going to ignore your message.) Disclaimer 2: There ARE errors in this file, but at the time of writing, I didn't know what they were. (If I knew, I would have fixed them.) This document is offered on an "as-is" basis, no warranty is implied, blah blah blah. The metafaqs say you should choose a random day of the month to post monthly faqs on, so I just used random() and got the number 22 (I don't think it's necessary for it to be a cryptographic random number). Yes, I know that syntactically, these are not all "questions". User Contributions:Top Document: comp.security.unix and comp.security.misc frequently asked questions Previous Document: Table of contents Next Document: Can anyone here tell me how to exploit the [whatever] bug? or Can anyone here tell me how to break in to my ISP? Single Page [ Usenet FAQs | Web FAQs | Documents | RFC Index ] Send corrections/additions to the FAQ Maintainer: flaps@dgp.toronto.edu (Alan J Rosenthal)
Last Update March 27 2014 @ 02:11 PM
|
Comment about this article, ask questions, or add new information about this topic: